Anycast DNS by CIRA

Protection for your website presence

The Domain Name System, or DNS, is one of the fundamental technologies of
the Internet. It makes it possible for your web browser to find any website,
and for your email app to find the server that stores your mail. It's a
critical infrastructure service that's open to attack. If a webhost's DNS
goes away, so do all its websites.

In most networks, all requests during a DDoS go to a single physical
server at one location. Attack traffic (in red) overwhelms the server,
which can't respond to legitimate users.

You might be surprised to learn that most web hosts have only a minimal DNS
network, consisting of a few servers. In a Distributed Denial of Service
attack, or DDoS, that small DNS network is highly vulnerable. There is no
scenario where its DNS service, and therefore its hosted websites, email,
and other services, will survive. Attacks typically last from a few hours to
a few days.

Korax was the first web host in Canada to add Anycast DNS to all hosting
packages. Anycast is the best way to protect from the impact of an attack
against the DNS. An Anycast DNS server is actually a cloud of many physical
servers located around the world. Each receives requests only from its local
geographic region, so its traffic is lower, substantially reducing the
effect of an attack. DNS lookups are also faster, because requests are
answered from a location physically closest to the end-user.

From the outside, the Anycast DNS cloud looks like a single server, but
consists of many servers distributed globally. The impact of an attack is
significantly reduced. Website visitors get a response from a server
physically close to them, enhancing performance.